Bug Hunting Session
Bug 77313 - CoinMP has broken format strings; fails -Werror=format-security
Summary: CoinMP has broken format strings; fails -Werror=format-security
Status: RESOLVED FIXED
Alias: None
Product: LibreOffice
Classification: Unclassified
Component: LibreOffice (show other bugs)
Version:
(earliest affected)
unspecified
Hardware: All All
: medium major
Assignee: Not Assigned
URL:
Whiteboard: target:4.3.0
Keywords:
Depends on:
Blocks:
 
Reported: 2014-04-11 08:44 UTC by Rene Engelhard
Modified: 2014-06-02 06:41 UTC (History)
3 users (show)

See Also:
Crash report or crash signature:


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Rene Engelhard 2014-04-11 08:44:17 UTC
with Debians default buildflags for package builds, which are

$ dpkg-buildflags
CFLAGS=-g -O2 -fstack-protector --param=ssp-buffer-size=4 -Wformat -Wformat-security -Werror=format-security
CPPFLAGS=-D_FORTIFY_SOURCE=2
CXXFLAGS=-g -O2 -fstack-protector --param=ssp-buffer-size=4 -Wformat -Wformat-security -Werror=format-security
FFLAGS=-g -O2
LDFLAGS=-Wl,-Bsymbolic-functions -Wl,-z,relro

(note the -Werror=format-security):

[...]
 g++ -DHAVE_CONFIG_H -I. -I. -D_FORTIFY_SOURCE=2 -g -O2 -fstack-protector --param=ssp-buffer-size=4 -Wformat -Wformat-security -Werror=format-security -DCOINUTILS_BUILD -MT CoinMessageHandler.lo -MD -MP -MF .deps/CoinMessageHandler.Tpo -c CoinMessageHandler.cpp  -fPIC -DPIC -o .libs/CoinMessageHandler.o
CoinMessageHandler.cpp: In member function 'CoinMessageHandler& CoinMessageHandler::operator<<(double)':
CoinMessageHandler.cpp:823:35: error: format not a string literal and no format arguments [-Werror=format-security]
cc1plus: some warnings being treated as errors
make[3]: *** [CoinMessageHandler.lo] Error 1

bad(tm)
Comment 1 Julien Nabet 2014-04-12 23:07:21 UTC
Just for information, here's the block (from workdir/UnpackedTarball/coinmp/CoinUtils/src/CoinMessageHandler.cpp on master sources udpated today):
    819         else {
    820           sprintf(messageOut_,g_format_,doublevalue);
    821           if (next != format_+2) {
    822             messageOut_+=strlen(messageOut_);
    823             sprintf(messageOut_,format_+2);
    824           }
    825         }

Matúš: one for you?
Comment 2 Commit Notification 2014-05-22 06:11:35 UTC
Matuš Kukan committed a patch related to this issue.
It has been pushed to "master":

http://cgit.freedesktop.org/libreoffice/core/commit/?id=197f2016e3164702db168e11f98f42042092e68e

fdo#77313: coinmp: error: format not a string literal and no format arguments



The patch should be included in the daily builds available at
http://dev-builds.libreoffice.org/daily/ in the next 24-48 hours. More
information about daily builds can be found at:
http://wiki.documentfoundation.org/Testing_Daily_Builds
Affected users are encouraged to test the fix and report feedback.
Comment 3 Commit Notification 2014-05-22 19:27:33 UTC
Matuš Kukan committed a patch related to this issue.
It has been pushed to "libreoffice-4-3":

http://cgit.freedesktop.org/libreoffice/core/commit/?id=8b952c68c22bdd0e737fa67171c3a46f52607550&h=libreoffice-4-3

fdo#77313: coinmp: error: format not a string literal and no format arguments


It will be available in LibreOffice 4.3.

The patch should be included in the daily builds available at
http://dev-builds.libreoffice.org/daily/ in the next 24-48 hours. More
information about daily builds can be found at:
http://wiki.documentfoundation.org/Testing_Daily_Builds
Affected users are encouraged to test the fix and report feedback.
Comment 4 Joel Madero 2014-05-27 14:55:54 UTC
Marking as NEW - will leave it to developer to mark as FIXED.
Comment 5 Matúš Kukan 2014-06-02 06:41:29 UTC
I believe it's fixed, so closing the bug now.